hxxps://aka[.]ms/AAb9ysg

Analysis

max time kernel
600s
max time network
586s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
05/05/2023, 14:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://aka.ms/AAb9ysg

Score

5^/10

microsoft phishing

Malware Config

Signatures

Detected potential entity reuse from brand microsoft.
phishing microsoft

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133277720239067804"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1964	chrome.exe
1964	chrome.exe
2308	chrome.exe
2308	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe
Token: SeShutdownPrivilege	1964	chrome.exe
Token: SeCreatePagefilePrivilege	1964	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe
1964	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1964 wrote to memory of 2580	1964	chrome.exe	87
PID 1964 wrote to memory of 2580	1964	chrome.exe	87
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4780	1964	chrome.exe	88
PID 1964 wrote to memory of 4360	1964	chrome.exe	89
PID 1964 wrote to memory of 4360	1964	chrome.exe	89
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90
PID 1964 wrote to memory of 3660	1964	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" https://aka.ms/AAb9ysg
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xdc,0x108,0x7ff876b39758,0x7ff876b39768,0x7ff876b39778
  2⤵
  PID:2580
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 --field-trial-handle=1824,i,17285484343295215821,3349393730165721048,131072 /prefetch:2
  2⤵
  PID:4780
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1824,i,17285484343295215821,3349393730165721048,131072 /prefetch:8
  2⤵
  PID:4360
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2192 --field-trial-handle=1824,i,17285484343295215821,3349393730165721048,131072 /prefetch:8
  2⤵
  PID:3660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3200 --field-trial-handle=1824,i,17285484343295215821,3349393730165721048,131072 /prefetch:1
  2⤵
  PID:992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3196 --field-trial-handle=1824,i,17285484343295215821,3349393730165721048,131072 /prefetch:1
  2⤵
  PID:1668
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3856 --field-trial-handle=1824,i,17285484343295215821,3349393730165721048,131072 /prefetch:1
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4800 --field-trial-handle=1824,i,17285484343295215821,3349393730165721048,131072 /prefetch:8
  2⤵
  PID:3604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4908 --field-trial-handle=1824,i,17285484343295215821,3349393730165721048,131072 /prefetch:8
  2⤵
  PID:4980
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=2576 --field-trial-handle=1824,i,17285484343295215821,3349393730165721048,131072 /prefetch:1
  2⤵
  PID:2060
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2416 --field-trial-handle=1824,i,17285484343295215821,3349393730165721048,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2308

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2656

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
161KB

MD5
d0689623f131fcb540b6b70ff1c8b55a

SHA1
50726cae90a7d1cd36246d1d929a2ab77a785de6

SHA256
345aa90fb35c263b36c1fbe3dbe0d4151029eb80bebb0b759b5344960e950883

SHA512
e7ba0546266d2e798912cae355aad65b73fa8c108349ea73074700701e55617c46a49edf531e2424a98aee1d85ce340ce94def0b121eaa191c0e510074fe58c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
8e2f748909691a334ee8a9d0b34f0846

SHA1
98b60a7b71fd1fb705444b8bec79376ebfd3377d

SHA256
9047965ce2c5a588a0cfe0a7a4fa749d2be8921b3a7f3a311f8093d791354311

SHA512
525e22e8b03d426a08be723cabd94bf5ea55f9275ac1a7ea752b55dbea19eb2edc331bf2c2dd1f0c09d349acf86c028aa478348761827ba82dfd44ad1a0fed53

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
814adaa3297a2824b6a2c25e7ed19a9b

SHA1
45432c50de7517c3f87459a50415944b138d5c6f

SHA256
585befefc768c6f5bea7a5aa9b74d171a98254b478f541cddfb374a7095666f2

SHA512
8a6259082f254b5eae8bc2807e5833337a5c94240d4e240e4a33fb59a9ef42ee4c5c75958234e0178c43181e02957f50975ad405dfb4ace715aaa60a6a76f963

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
d2daffc0b41823d2dbf80bc83317dce6

SHA1
2ad2346cf17a30834533fadb954dd98a66d6f33f

SHA256
a2a625947eb2f1735adc95747c62f35296d6345fa1100733dee05d545dae9d82

SHA512
cdeef0920e782fde216ada7f06afe6c777b8a6828ff5564b65973db66072d3b4315f5dc4948ae7366c717e75c42479c25331d63303997240e2fcd13f4995999a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
a1a4e97c8627de5f34f92d3e51817c31

SHA1
fe52847566c09b47df49e21c9b398d98a89d44ea

SHA256
b14376245ea0643e3e5aaf64f0422a6b28d78f2b1c60c33f6c3ee0cd432a6c7e

SHA512
d0590e4b9b8367a9eec36b798b7479f7ab407884ff3b47ef7f467b9e566db52900eeaf0aec12e872c0ef98e69837ff19d063a4a855e73eb907c17a9e141abbaa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
b7c9c1d47ff9fdb021603881a430a5c0

SHA1
cd2b804c17da84b37795a07b8d519bddff83f4b8

SHA256
3b8511db130c464cb3ae6c489f2079df62808f25167680ea622223119af1f6a6

SHA512
a23cca52a509df96fee3b4375e3cb50a6fdc3545b5517d893c620a1a95246a47583cc44db9b168dd081ea6f9079eb8623a2e2c3115085cb3581206f121d0e951

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
fda870e5d1ed2dddecd3a37fbaa82a17

SHA1
162bbc6cf502af4c480f7e14bb0f012de5b9ecc1

SHA256
469152e862a9430edaa4aea1f667427ff340f8e9ba031b0351f67f573e7ed785

SHA512
ce2b8fb56d24c8fe29034eb4c5e91f27b1a6e3974d0fcd80dbb03ce88c2f49499706a46fbe13f6944373e0b0266bf42414dbfc19aead6aedd2e55197366c874f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
874B

MD5
c0750c7aaea7948ec5b39d6418dca48f

SHA1
c8d0fb2943e439d4941b2cfdc800795f413f817d

SHA256
c7bd31e8f4247202e3d3b471ac0270e6f9c28d634cd12b1b207c7a4569337ef4

SHA512
974cdaba91c9d3f6d0a3cb668470e4220c8fd242bf036f497fbac9e188765303ddef6ff8efeb59edc1f401d2e40369467e8e31f6dcb3d021801f084004921905

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
e6c931e947b6ff47ad4a8dfb3d66ad7d

SHA1
189f72c5db3fd194f6e60956c6f00cda09348c23

SHA256
7e2f93baaad9240f4a4efe9d884f9650932ac4df80d7874acd648605f827eb93

SHA512
4a4b25a08a186aecceb58d96690708daedc318b46623b7a4f2ef9f90a0aa5efae612852c25c3ea7a7793973553692a978c80c8c2348119a5c769f9be691c7c67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
bcbebdcfe8c1016ec4fa667c8db7d143

SHA1
6f3cba4ba35051b093c5945f2046dd251239c933

SHA256
3b8eb72676f36c2eaafe5913987da5193d5358993f39c4f9e9524dc6641ab123

SHA512
e1ea8261b6d8d747e69c044125dc36bf16f098f537475b8030e7cef743c203c05cb3b20dcf026828a82affa15b576ace162e140fe542bb3e9a8505d3e0c91a60

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
fea0955d38f245bba7ae91f671c363ab

SHA1
cb9a3ae1a6f317788b4e786ef94b7c69599566fc

SHA256
cc8ff4620401a7d66f357bbd4c0f13c8e31b9a99c921cefb8d6a77768c75417a

SHA512
417de6ef3a79480a53f7fe62a1e26b2f8acffb129066b6615cedba03a7200ce520565d174e065eb44c13d3ceb9b237d5b98134a682adb450e4fba72e6a514875

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
1513f69e8ffff878af5d99f55df30660

SHA1
fae1482b7d8b6e5e07d53cafa4c8c8e44a84d4a2

SHA256
27b7bfbc20faf018bd55dd2df3cec236165d5c4474f8a84157daffbcdbbebfbd

SHA512
be2c8cc9be344510174d78b1ea086116f1b965c8f9e02f37ccff73200694ba1235afa6944dc13c86888cb5097de56b3275f5988f0c46c7b61ac6a76a21c8f9d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
bdac5ff6894f9cc8c0e687fc9d882db0

SHA1
e491b9caf5937c01f2115e8a34d8b9def166ebd4

SHA256
43da7a9a48ac74fcda1b1c9b10c9d1295dde2a8dc5e4ab95ea707412f65ff56b

SHA512
67df4a4d6d34c63fe67b79cecdf9e9bab5b6baa2c7ca5cc9ee80f70dccadeb1ae4ca61ab7ac3e9ffafe983b59ce76c14c9f7477f1906604397daca51441d2be3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
148KB

MD5
fb1fc527008998ecf0efb35e89feca3a

SHA1
042836c2a39f6c9d15a829206e7c801dfbc9ae4a

SHA256
28ac176b51778997442de0997735622dd5de6499e17ea9b4c67625b825d53b89

SHA512
df58e69fac15c23e5d44b515db749d2dfbd8a0f87ecce50f81aaf2c6c14ed55025513b2f2b0abe65baee91e419c71f30b67424adc03f299804620012e06ab153

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit